Question: Probability: The likelihood that a threat will exploit a vulnerability. You can use a scale of 0% (impossible) to 100% (certain to happen) to measure
Probability: The likelihood that a threat will exploit a vulnerability. You can use a scale of 0% (impossible) to 100% (certain to happen) to measure the probability.
Impact: The negative result if a risk occurs. You can use a scale of 0 (minimum) to 100 (maximum) to measure the impact.
You can calculate the risk score using the following formula:
Risk Score = Probability x Impact
For example, if a risk has a probability of 10% and an impact of 80, the risk score is:
10% x 80 = 8
Scenario 2: Richman Investments is concerned about the security of its customer data. Management has determined that the three primary risks the company faces in protecting the data are as follows:
- Unauthorized access by an external party
- Sabotage by an internal employee
- Hardware failures
After surveying key individuals in the company, Richman calculated the probability and impact of each risk, as shown in the table below. Based on the information given above, calculate the risk score for each risk:
| Category | Probability | Impact | Risk Score |
| Unauthorized access by an external party | 25% | 50 |
|
| Sabotage by an internal employee | 75% | 100 |
|
| Hardware failures | 30% | 25 |
|
Which risk has the highest risk score?
|
|
Prioritize the risks from high to low:
| Priority 1 |
|
| Priority 2 |
|
| Priority 3 |
|
Step by Step Solution
There are 3 Steps involved in it
Get step-by-step solutions from verified subject matter experts
Study Help